Computer Security 3e. Dieter Gollmann. Security.di.unimi.it/sicurezza1415/ Chapter 16: 1
|
|
- Candice Carroll
- 6 years ago
- Views:
Transcription
1 Computer Security 3e Dieter Gollmann Security.di.unimi.it/sicurezza1415/ Chapter 16: 1
2 Chapter 16: Communications Security Chapter 16: 2
3 Agenda Threat model Secure tunnels Protocol design principles IPsec SSL/TLS EAP Chapter 16: 3
4 Threat Model Attacker has access to communications link between two end points: can see and modify messages. The job of a communications security service is done once data has been delivered to an end point. This is the old secret service threat model. A passive attacker just listens to traffic. When the attacker is interested in the content of messages, we talk about eavesdropping, wiretapping, or sniffing. Traffic analysis tries to identify communications patterns; may be possible even when attacker cannot read individual messages. Attacker might also be interested in a target s location. Chapter 16: 4
5 Active Attackers Active attacker may modify messages, insert new messages, or corrupt network management information like the mapping between DNS names and IP addresses. In spoofing attacks messages come with forged sender addresses. In flooding (bombing) attacks a large number of messages is directed at the victim. In squatting attacks, the attacker claims to be at the victim s location. Active attacks are not necessarily more difficult than passive attacks; e.g., in practice it is easier to send an with a forged sender address than to intercept an intended for someone else. Chapter 16: 5
6 Secure Tunnels Secure tunnel (channel): secure logical connection between two end points across an insecure network. Typical security guarantees are data integrity, confidentiality, and data origin authentication. End points might be machines named by domain names or IP addresses; end points might be specific software components hosted at a client or a server. Confusion about the precise nature of the end point authenticated can lead to security services that do not provide any security at all. If the tunnel does not end where the user expects, the attacker may wait at the other side of the tunnel. Secure tunnels do not provide security services once data are received. Chapter 16: 6
7 Typical Cryptographic Primitives Expensive asymmetric encryption and signature algorithms, Diffie-Hellman (still to come), only for entity authentication and key exchange. Symmetric encryption algorithms, for speed. Cheap MAC algorithms, usually built from hash functions. (Keyed) pseudo-random functions for key derivation. Sequence numbers to prevent replay attacks. Nonces and timestamps for freshness in entity authentication. Chapter 16: 7
8 Protocol Layering Application 7 5 Application Presentation 6 Session 5 4 TCP Transport IP Network Interface Network Data Link Hardware Physical 1 Internet ISO/OSI 7 layer model Chapter 16: 8
9 Protocol Layering (N)-PDU (N)-PDU header payload trailer header payload trailer (N-1)-PDU (N-1)-PDU PDU Protocol Data Unit Chapter 16: 9
10 Implementing Security Services Header in (N-1)-PDU is convenient location for storing security relevant data. Upper layer protocol can be aware of lower layer security services: Upper layer protocol has to change its calls so that they refer to the security facilities provided. Lower layer security services can be transparent to upper layer protocol: Upper layer protocol need not be changed at all. Chapter 16: 10
11 Security & Network Layers Security can be applied at any of the network layers except layer 1 (physical layer). Even this is sometimes possible, e.g. spread spectrum techniques for limited privacy. In general, the lower the layer the more generic but the less specific the protection. Endpoints of security channels differ between layers. End-to-end or hop-by-hop security? Example: protection at Data Link (Network Interface) layer, e.g. link level encryptor. Advantage: covers all traffic on that link, independent of protocols above. Disadvantage: protection only for one hop. Chapter 16: 11
12 IPsec Defined in RFCs (obsolete ). Provides security at network (Internet) layer. All IP datagrams covered. No re-engineering of applications. Transparent to upper layer. Mandatory for next generation IPv6, optional for IPv4. Two basic modes of use: Transport mode: IPsec-aware hosts as endpoints. Tunnel mode: for IPsec-unaware hosts, tunnel established by intermediate gateways or host OS. Chapter 16: 12
13 IPsec Transport Mode Host-to-host (end-to-end) security: IPsec processing performed at endpoints of secure channel. Endpoint hosts must be IPsec-aware. Header Payload IP datagram network Header Payload IP datagram Chapter 16: 13
14 IPsec Tunnel Mode Entire IP datagram plus security fields treated as new payload of outer IP datagram. Original inner IP datagram encapsulated within outer IP datagram. IPsec processing performed at security gateways on behalf of endpoint hosts. Gateway could be perimeter firewall or router. Gateway-to-gateway but not end-to-end security. Hosts need not be IPsec-aware. Encrypted inner IP datagram, including original source and destination addresses, not visible to intermediate routers. Chapter 16: 14
15 IPsec Tunnel Mode Header Payload Inner IP datagram Outer Header Header Payload network Header Payload Inner IP datagram Outer Header Header Payload Chapter 16: 15
16 IPsec Authentication and/or confidentiality services for data: AH protocol [RFC 4302] ESP protocol [RFC 4303 ] Use of AH being deprecated in favour of ESP. Political reasons for introducing an authentication-only protocol in the 1990s have faded. (Too?) flexible set of key establishment methods (covered later in the course): IKE, IKEv2. Chapter 16: 16
17 AH Protocol [RFC 4302] AH = Authentication Header: provides connectionless data integrity and data origin authentication. Authenticates whole payload and most of header. Prevents IP address spoofing: source IP address is authenticated. Creates stateful channel using sequence numbers. Heresy! Prevents replay of old datagrams: AH sequence number is authenticated. Uses MAC and secret key shared between endpoints. Chapter 16: 17
18 ESP Protocol Encapsulating Security Payload [RFC 4303]. Provides one or both of: Confidentiality for payload/inner datagram; sequence number not protected by encryption. Authentication of payload/inner datagram, but not of outer IP header. Traffic-flow confidentiality in tunnel mode. Symmetric encryption and MACs based on secret keys shared between endpoints. Chapter 16: 18
19 ESP Headers ESP specifies header and trailer to be added to IP datagrams. Header fields include: SPI (Security Parameters Index): identifies which algorithms and keys are to be used for IPsec processing (more later). Sequence number. Trailer fields include: Any padding needed for encryption algorithm (may also help disguise payload length). Padding length. Authentication data (if any), i.e. the MAC value. Chapter 16: 19
20 ESP Header (RFC 2406) Security Parameters Index (SPI) Sequence Number Payload data (variable) Padding (0 255 bytes) Next header Length Authentication Data (variable number of 32-bit words) Chapter 16: 20
21 ESP Protocol Transport & Tunnel ESP in transport mode: Original IP header ESP hdr SPI, seqno Payload (eg TCP, UDP, ICMP) ESP trlr ESP auth MAC scope Encryption scope ESP in tunnel mode: Outer IP header ESP hdr SPI, seqno Inner IP header Payload (eg TCP, UDP, ICMP) ESP trlr ESP auth MAC scope Encryption scope Chapter 16: 21
22 IPsec Security Association (SA) A SA is a one-way (simplex) relationship between sender and receiver. Specifies processing to be applied to this datagram from this sender to this receiver. List of active SAs held in SA database (SAD). Each SA identified by SPI, source address, destination address; contains: Sequence number counter and anti-replay window. AH/ESP info: algorithms, IVs, keys, key lifetimes. SA lifetime. Protocol mode: tunnel or transport. Chapter 16: 22
23 Combining SAs IPsec security services may be provided at different points in network. Host-to-host. Gateway-to-gateway for Virtual Private Network (VPN). SAs can be combined using: Transport adjacency: more than one SA applied to same IP datagram without tunnelling. Iterated tunnelling: multiple levels of nesting of IPsec tunnels; each level has its own SA; each tunnel can begin/end at different IPsec site along route. Chapter 16: 23
24 Remote Host to Internal Server Remote host has Internet access to gateway, then gains access to server behind gateway. Traffic to server protected in inner tunnel. Outer tunnel protects inner traffic over Internet. Outer Tunnel Inner tunnel remote host Internet Security Gateway Local network server Chapter 16: 24
25 IPsec Key Management IPsec needs a lot of symmetric keys: One key for each SA. Different SA for each combination of {ESP,AH} {tunnel,transport} {sender, receiver}. Two sources for SAs and keys: Manual keying: works for small number of nodes but hopeless for reasonably sized networks of IPsec-aware hosts; requires manual re-keying. IKE: Internet Key Exchange [RFC 2409, 4306]; many options and parameters. Chapter 16: 25
26 IKE Security Goals Entity authentication of participating parties. Establish fresh shared secret, to derive further keys: for protecting IKE management channel, for SAs for general use. Secure negotiation of all algorithms. Authentication method, key exchange method, encryption and MAC algorithms, hash algorithms. Resistance to Denial-of-Service attacks. Options for perfect forward secrecy, deniable authentication and identity protection. Chapter 16: 26
27 IPsec Security Policy IPsec aware host needs rules for processing packets. Should packet be dropped, passed through, encrypted, MACed? Which key and algorithm to apply? Rules stored in a Security Policy Database (SPD). SPD consulted for each outbound & inbound packet. Fields in IP datagram compared to fields in SPD entries to find matches. Match can be based on source and destination addresses (ranges of addresses), transport layer protocol, transport layer port numbers, Match identifies a Security Association (SA) or group of SAs (or the need for new SA). Chapter 16: 27
28 Finding the Right SA Each entry in the Security Association Database (SAD) must indicate whether the SA lookup makes use of the destination, or destination and source IP addresses in addition to the SPI. For each inbound IPsec-protected packet, search the SAD such that the entry that matches the longest SA identifier is found. 1. Search the SAD for a match on {SPI, destination address, source address}; if an SAD entry matches, then process the inbound packet with that entry. 2. Otherwise, search the SAD for a match on {SPI, destination address}; if an SAD entry matches, then process the inbound packet with that entry. 3. Otherwise, search the SAD for a match on only {SPI} if the receiver has chosen to maintain a single SPI space for AH and ESP, or on {SPI, protocol} otherwise; if an SAD entry matches, then process the inbound packet with that entry. 4. Otherwise, discard the packet and log an auditable event. Chapter 16: 28
29 IPsec Outbound Processing Look up SPD to find policy for packet Drop, pass through or process packet? Create new SA if needed Encrypt/MA C using keys from SA Pass packet to next instance of IPsec processing Y More IPsec processing required? N Pass packet down to Link Layer Chapter 16: 29
30 SSL/TLS Chapter 16: 30
31 SSL/TLS Overview SSL = Secure Sockets Layer. Unreleased v1, flawed but useful v2, good v3. TLS = Transport Layer Security Protocol. TLS1.0 = SSL3.0 with minor modifications Version 1.2 defined in RFC 5246 (October 2008) Open-source implementation at Widely used in Web browsers and servers to support secure e-commerce over HTTP. HTTPS sessions indicated by browser lock. Chapter 16: 31
32 SSL/TLS Basic Features Security at session layer. Thin layer between TCP and, e.g., HTTP. TCP provides reliable, end-to-end transport. Applications must be aware of SSL, need some modification. Two layer architecture: SSL Record Protocol: provides secure, reliable channel to second layer. Upper layer carries SSL Handshake Protocol, Change Cipher Specification Protocol, Alert Protocol, HTTP, any other application protocols. Chapter 16: 32
33 SSL/TLS Handshake Goals Entity authentication of participants. Participants are client and server. Server nearly always authenticated, client more rarely. Appropriate for most e-commerce applications. Establish a fresh, shared secret. Shared secret used to derive further keys. For confidentiality and authentication in SSL Record Protocol. Secure ciphersuite negotiation. Encryption and hash algorithms Authentication and key establishment methods. Chapter 16: 33
34 Sessions & Connections Session: Created by handshake protocol. Defines set of cryptographic parameters (encryption and hash algorithm, master secret, certificates). Carries multiple connections to avoid repeated use of expensive handshake protocol. Connection: State defined by nonces, secret keys for MAC and encryption, IVs, sequence numbers. Keys for many connections derived from single master secret created during handshake protocol. Chapter 16: 34
35 SSL Handshake Protocol: Run We sketch the most common use of SSL: No client authentication. Client sends pre_master_secret using Server s public encryption key from Server certificate. Server authenticated by ability to decrypt to obtain pre_master_secret, and construct correct finished message. Other protocol runs are similar. Chapter 16: 35
36 SSL Handshake Protocol Run M1: ClientHello client M2: ServerHello, ServerCertChain, ServerHelloDone M3: ClientKeyExchange, ChangeCipherSpec, ClientFinished M4: ChangeCipherSpec, ServerFinished server Chapter 16: 36
37 M1: ClientHello Client initiates connection. Sends client version number. 3.1 for TLS. Sends ClientNonce. 28 random bytes plus 4 bytes of time. Offers list of ciphersuites: Key exchange and authentication options, encryption algorithms, hash functions. E.g. TLS_RSA_WITH_3DES_EDE_CBC_SHA. Chapter 16: 37
38 M2: ServerHello, Sends server version number. Sends ServerNonce and SessionID. Selects single ciphersuite from list offered by client. Sends ServerCertChain message. Allows client to validate server s public key back to acceptable root of trust. (optional) CertRequest message. Omitted in this protocol run no client authentication. Finally, ServerHelloDone. Chapter 16: 38
39 M3: ClientKeyExchange, ClientKeyExchange contains encryption of pre_master_secret under server s public key. ChangeCipherSpec indicates that client is updating cipher suite to be used on this session. Sent using SSL Change Cipher Spec. Protocol. Optional (only when client is authenticated): ClientCertificate, ClientCertificateVerify messages. Finally, ClientFinished message. MAC on all messages sent so far (both sides). MAC computed using master_secret. Chapter 16: 39
40 M4: ChangeCipherSpec, ChangeCipherSpec indicates that server is updating cipher suite to be used on this session. Sent using SSL Change Cipher Spec. Protocol. Finally, ServerFinished message. MAC on all messages sent so far (both sides). MAC computed using master_secret. Server can only compute MAC if it can decrypt pre_master_secret in M3. Chapter 16: 40
41 SSL Handshake Protocol Run 1. Is the client authenticated to the server in this protocol run? No! 2. Can adversary learn value of pre_master_secret? No! Client has validated server s public key; To learn pre_master_secret the server s private key is needed to decrypt ClientKeyExchange 3. Is the server authenticated to the client? Yes! ServerFinished includes MAC on nonces computed using key derived from pre_master_secret. Chapter 16: 41
42 SSL/TLS Applications Secure e-commerce using SSL/TLS. Client authentication not needed until client decides to buy something. SSL provides secure channel for sending credit card information. Client authenticated using credit card information, merchant bears (most of) risk. Widely deployed (de-facto standard). Chapter 16: 42
43 EAP Chapter 16: 43
44 EAP Extensible Authentication Protocol Specified in IEEE 802.1X and RFC 3748 for entity authentication. Defines general message flow; can be implemented using a variety of underlying mechanisms. Application: WLAN authentication (802.1X); Cisco wireless equipment implements EAP. EAPOL: EAP over LAN; just a delivery mechanism; for authentication, an EAP method such as EAP-TLS or EAP- TTLS has to be defined. 3GPP WLAN interworking, e.g. EAP-AKA Windows supports various EAP methods for remote access. Chapter 16: 44
45 Design Principle Applications calling an authentication protocol just see an abstract message flow. Thus, authentication mechanism can be chosen independent of application. Authentication mechanism can be changed without having to rewrite application. Other examples: GSS-API, SAML profiles for web services. Chapter 16: 45
46 EAP Generic Message Flow EAP peer Authentication server Identity exchange message (can be skipped). Repeat as many rounds as needed to complete EAPmethods Success/Failure message EAP-Request/Identity EAP-Response/Identity EAP-Request/EAP-Type = X (...) (method specific payload) EAP-Response/EAP-Type = X (...) (method specific payload) EAP-Success/EAP-Failure Chapter 16: 46
47 EAP methods Generic EAP messages exchange identities, encapsulate authentication protocol messages. These protocols are called methods. Users identified by Network Access Identifier (NAI); specified in RFC EAP methods provide at least one way authentication (EAP peer EAP server). Many existing or proposed EAP methods that differ in their characteristics & security levels. Chapter 16: 47
48 EAP-TTLS v0 (with CHAP) EAP peer 1. EAP-Request/Identity 2. EAP-Response/Identity (id) 3. EAP-Request/EAP-TTLS (Start) Authentication server 4. EAP-Response/EAP-TTLS (ClientHello) 5. EAP-Request/EAP-TTLS (ServerHello, Certificate, Server Key Exchange, ServerHelloDone) 6. EAP-Response/EAP-TTLS (ClientKeyExchange, ChangeCipherSpec, Finished) 7. EAP-Request/EAP-TTLS (ChangeCipherSpec, finished) 8. EAP-Response/EAP-TTLS ({UserName}, {CHAP-Challenge}, {CHAP-Password}) 9. EAP Success/Failure secure tunnel Chapter 16: 48
Computer Security 3e. Dieter Gollmann. Security.di.unimi.it/sicurezza1516/ Chapter 16: 1
Computer Security 3e Dieter Gollmann Security.di.unimi.it/sicurezza1516/ Chapter 16: 1 Chapter 16: Communications Security Chapter 16: 2 Agenda Threat model Secure tunnels Protocol design principles IPsec
More informationLehrstuhl für Netzarchitekturen und Netzdienste Fakultät für Informatik Technische Universität München. ilab. Lab 8 SSL/TLS and IPSec
Lehrstuhl für Netzarchitekturen und Netzdienste Fakultät für Informatik Technische Universität München ilab Lab 8 SSL/TLS and IPSec Outlook: On Layer 4: Goal: Provide security for one specific port SSL
More informationUniversität Hamburg. SSL & Company. Fachbereich Informatik SVS Sicherheit in Verteilten Systemen. Security in TCP/IP. UH, FB Inf, SVS, 18-Okt-04 2
Universität Hamburg SSL & Company Fachbereich Informatik SVS Sicherheit in Verteilten Systemen Security in TCP/IP UH, FB Inf, SVS, 18-Okt-04 2 SSL/TLS Overview SSL/TLS provides security at TCP layer. Uses
More informationIP Security IK2218/EP2120
IP Security IK2218/EP2120 Markus Hidell, mahidell@kth.se KTH School of ICT Based partly on material by Vitaly Shmatikov, Univ. of Texas Acknowledgements The presentation builds upon material from - Previous
More informationProtocols, Technologies and Standards Secure network protocols for the OSI stack P2.1 WLAN Security WPA, WPA2, IEEE i, IEEE 802.1X P2.
P2 Protocols, Technologies and Standards Secure network protocols for the OSI stack P2.1 WLAN Security WPA, WPA2, IEEE 802.11i, IEEE 802.1X P2.2 IP Security IPsec transport mode (host-to-host), ESP and
More informationIP Security. Have a range of application specific security mechanisms
IP Security IP Security Have a range of application specific security mechanisms eg. S/MIME, PGP, Kerberos, SSL/HTTPS However there are security concerns that cut across protocol layers Would like security
More informationCSCE 715: Network Systems Security
CSCE 715: Network Systems Security Chin-Tser Huang huangct@cse.sc.edu University of South Carolina Security in Network Layer Implementing security in application layer provides flexibility in security
More informationInternet Security. - IPSec, SSL/TLS, SRTP - 29th. Oct Lee, Choongho
Internet Security - IPSec, SSL/TLS, SRTP - 29th. Oct. 2007 Lee, Choongho chlee@mmlab.snu.ac.kr Contents Introduction IPSec SSL / TLS SRTP Conclusion 2/27 Introduction (1/2) Security Goals Confidentiality
More informationCIS 6930/4930 Computer and Network Security. Topic 8.1 IPsec
CIS 6930/4930 Computer and Network Security Topic 8.1 IPsec 1 IPsec Objectives Why do we need IPsec? IP V4 has no authentication IP spoofing Payload could be changed without detection. IP V4 has no confidentiality
More informationIPSec. Slides by Vitaly Shmatikov UT Austin. slide 1
IPSec Slides by Vitaly Shmatikov UT Austin slide 1 TCP/IP Example slide 2 IP Security Issues Eavesdropping Modification of packets in transit Identity spoofing (forged source IP addresses) Denial of service
More informationCryptography and Network Security. Sixth Edition by William Stallings
Cryptography and Network Security Sixth Edition by William Stallings Chapter 20 IP Security If a secret piece of news is divulged by a spy before the time is ripe, he must be put to death, together with
More informationIPSec. Overview. Overview. Levente Buttyán
IPSec - brief overview - security associations (SAs) - Authentication Header (AH) protocol - Encapsulated Security Payload () protocol - combining SAs (examples) Overview Overview IPSec is an Internet
More informationThe IPsec protocols. Overview
The IPsec protocols -- components and services -- modes of operation -- Security Associations -- Authenticated Header (AH) -- Encapsulated Security Payload () (c) Levente Buttyán (buttyan@crysys.hu) Overview
More informationCS 356 Internet Security Protocols. Fall 2013
CS 356 Internet Security Protocols Fall 2013 Review Chapter 1: Basic Concepts and Terminology Chapter 2: Basic Cryptographic Tools Chapter 3 User Authentication Chapter 4 Access Control Lists Chapter 5
More informationThe World Wide Web is widely used by businesses, government agencies, and many individuals. But the Internet and the Web are extremely vulnerable to
1 The World Wide Web is widely used by businesses, government agencies, and many individuals. But the Internet and the Web are extremely vulnerable to compromises of various sorts, with a range of threats
More informationSecurity Engineering. Lecture 16 Network Security Fabio Massacci (with the courtesy of W. Stallings)
Security Lecture 16 Network Security Fabio Massacci (with the courtesy of W. Stallings) Lecture Outline Network Attacks Attive Attacks Passive Attacks TCP Attacks Contermeasures IPSec SSL/TLS Firewalls
More informationCryptography and secure channel. May 17, Networks and Security. Thibault Debatty. Outline. Cryptography. Public-key encryption
and secure channel May 17, 2018 1 / 45 1 2 3 4 5 2 / 45 Introduction Simplified model for and decryption key decryption key plain text X KE algorithm KD Y = E(KE, X ) decryption ciphertext algorithm X
More informationNetwork Security - ISA 656 IPsec IPsec Key Management (IKE)
Network Security - ISA 656 IPsec IPsec (IKE) Angelos Stavrou September 28, 2008 What is IPsec, and Why? What is IPsec, and Why? History IPsec Structure Packet Layout Header (AH) AH Layout Encapsulating
More informationNetwork Security: IPsec. Tuomas Aura
Network Security: IPsec Tuomas Aura 3 IPsec architecture and protocols Internet protocol security (IPsec) Network-layer security protocol Protects IP packets between two hosts or gateways Transparent to
More informationTransport Layer Security
Cryptography and Security in Communication Networks Transport Layer Security ETTI - Master - Advanced Wireless Telecommunications Secure channels Secure data delivery on insecure networks Create a secure
More informationCSC 6575: Internet Security Fall 2017
CSC 6575: Internet Security Fall 2017 Network Security Devices IP Security Mohammad Ashiqur Rahman Department of Computer Science College of Engineering Tennessee Tech University 2 IPSec Agenda Architecture
More informationNetwork Encryption 3 4/20/17
The Network Layer Network Encryption 3 CSC362, Information Security most of the security mechanisms we have surveyed were developed for application- specific needs electronic mail: PGP, S/MIME client/server
More informationCOSC4377. Chapter 8 roadmap
Lecture 28 Chapter 8 roadmap 8.1 What is network security? 8.2 Principles of cryptography 8.3 Message integrity 8.4 Securing e mail 8.5 Securing TCP connections: SSL 8.6 Network layer security: IPsec 8.7
More informationCSCE 715: Network Systems Security
CSCE 715: Network Systems Security Chin-Tser Huang huangct@cse.sc.edu University of South Carolina Web Security Web is now widely used by business, government, and individuals But Internet and Web are
More informationChapter 5: Network Layer Security
Managing and Securing Computer Networks Guy Leduc Mainly based on Network Security - PRIVATE Communication in a PUBLIC World C. Kaufman, R. Pearlman, M. Speciner Pearson Education, 2002. (chapters 17 and
More informationTransport Layer Security
CEN585 Computer and Network Security Transport Layer Security Dr. Mostafa Dahshan Department of Computer Engineering College of Computer and Information Sciences King Saud University mdahshan@ksu.edu.sa
More informationInternet security and privacy
Internet security and privacy IPsec 1 Layer 3 App. TCP/UDP IP L2 L1 2 Operating system layers App. TCP/UDP IP L2 L1 User process Kernel process Interface specific Socket API Device driver 3 IPsec Create
More informationNetwork Security: IPsec. Tuomas Aura T Network security Aalto University, Nov-Dec 2014
Network Security: IPsec Tuomas Aura T-110.5241 Network security Aalto University, Nov-Dec 2014 2 IPsec: Architecture and protocols Internet protocol security (IPsec) Network-layer security protocol Protects
More informationThe Internet community has developed application-specific security mechanisms in a number of application areas, including electronic mail (S/MIME,
1 The Internet community has developed application-specific security mechanisms in a number of application areas, including electronic mail (S/MIME, PGP), client/server (Kerberos), Web access (Secure Sockets
More informationChapter 6. IP Security. Dr. BHARGAVI H. GOSWAMI Department of Computer Science Christ University
Chapter 6 IP Security Dr. BHARGAVI H. GOSWAMI Department of Computer Science Christ University +91 9426669020 bhargavigoswami@gmail.com Topic List 1. IP Security Overview 2. IP Security Architecture 3.
More informationVirtual Private Network
VPN and IPsec Virtual Private Network Creates a secure tunnel over a public network Client to firewall Router to router Firewall to firewall Uses the Internet as the public backbone to access a secure
More informationCryptography and Network Security Chapter 16. Fourth Edition by William Stallings
Cryptography and Network Security Chapter 16 Fourth Edition by William Stallings Chapter 16 IP Security If a secret piece of news is divulged by a spy before the time is ripe, he must be put to death,
More informationLecture 33. Firewalls. Firewall Locations in the Network. Castle and Moat Analogy. Firewall Types. Firewall: Illustration. Security April 15, 2005
Firewalls Lecture 33 Security April 15, 2005 Idea: separate local network from the Internet Trusted hosts and networks Intranet Firewall DMZ Router Demilitarized Zone: publicly accessible servers and networks
More informationIPsec and SSL/TLS. Applied Cryptography. Andreas Hülsing (Slides mostly by Ruben Niederhagen) Dec. 1st, /43
0/43 IPsec and SSL/TLS Applied Cryptography 0 Andreas Hülsing (Slides mostly by Ruben Niederhagen) Dec. 1st, 2016 Cryptography in the TCP/IP stack application layer transport layer network layer data-link
More informationIP Security. Cunsheng Ding HKUST, Kong Kong, China
IP Security Cunsheng Ding HKUST, Kong Kong, China Agenda Some attacks against the IP Brief introduction to IPSec Building Block: Security Association Building Block: Security Association Database Building
More informationNetwork Security: TLS/SSL. Tuomas Aura T Network security Aalto University, Nov-Dec 2014
Network Security: TLS/SSL Tuomas Aura T-110.5241 Network security Aalto University, Nov-Dec 2014 Outline 1. Diffie-Hellman key exchange (recall from earlier) 2. Key exchange using public-key encryption
More informationOutline. 0 Topic 4.1: Securing Real-Time Communications 0 Topic 4.2: Transport Layer Security 0 Topic 4.3: IPsec and IKE
Outline 0 Topic 4.1: Securing Real-Time Communications 0 Topic 4.2: Transport Layer Security 0 Topic 4.3: IPsec and IKE 2 Securing Real-time Communications 0 In a real-time protocol, two parties negotiate
More informationComputer security Lecture 11
Computer security Lecture 11 Communications and network security Jan-Åke Larsson Communication and network security: Threat model Passive attacks: Eavesdropping, Wiretapping, Sniffing, and Traffic analysis
More informationCSC 4900 Computer Networks: Security Protocols (2)
CSC 4900 Computer Networks: Security Protocols (2) Professor Henry Carter Fall 2017 Chapter 8 roadmap 8.1 What is network security? 8.2 Principles of cryptography 8.3 Message Integrity 8.4 End point Authentication
More informationApplication Layer. Presentation Layer. Session Layer. Transport Layer. Network Layer. Data Link Layer. Physical Layer
ISO/OSI Model SSL: Security at Transport Layer Application Layer Peer-to-peer Application Layer Network Security Assurance Presentation Layer Session Layer Transport Layer Presentation Layer Session Layer
More informationVPN and IPsec. Network Administration Using Linux. Virtual Private Network and IPSec 04/2009
VPN and IPsec Network Administration Using Linux Virtual Private Network and IPSec 04/2009 What is VPN? VPN is an emulation of a private Wide Area Network (WAN) using shared or public IP facilities. A
More informationLecture 9: Network Level Security IPSec
Lecture 9: Network Level Security IPSec CS 336/536: Computer Network Security Fall 2015 Nitesh Saxena Adopted from previous lecture by Keith Ross, and Tony Barnard HW3 being graded Course Admin HW4 will
More informationChapter 4: Securing TCP connections
Managing and Securing Computer Networks Guy Leduc Chapter 5: Securing TCP connections Computer Networking: A Top Down Approach, 6 th edition. Jim Kurose, Keith Ross Addison-Wesley, March 2012. (section
More informationNetwork Security: TLS/SSL. Tuomas Aura T Network security Aalto University, Nov-Dec 2010
Network Security: TLS/SSL Tuomas Aura T-110.5240 Network security Aalto University, Nov-Dec 2010 Outline 1. Diffie-Hellman 2. Key exchange using public-key encryption 3. Goals of authenticated key exchange
More informationCSE509: (Intro to) Systems Security
CSE509: (Intro to) Systems Security Fall 2012 Invited Lecture by Vyas Sekar IPSec 2005-12 parts by Matt Bishop, used with permission Security in Real Life: Motivation Site SF Company X $$$ Site NY Site
More informationChapter 32 Security in the Internet: IPSec, SSL/TLS, PGP,
Chapter 32 Security in the Internet: IPSec, SSL/TLS, PGP, VPN, and Firewalls 32.1 Copyright The McGraw-Hill Companies, Inc. Permission required for reproduction or display. 32.2 Figure 32.1 Common structure
More informationTransport Level Security
2 Transport Level Security : Security and Cryptography Sirindhorn International Institute of Technology Thammasat University Prepared by Steven Gordon on 28 October 2013 css322y13s2l12, Steve/Courses/2013/s2/css322/lectures/transport.tex,
More informationChapter 6/8. IP Security
Chapter 6/8 IP Security Prof. Bhargavi H Goswami Department of MCA, Sunshine Group of Institutes, Rajkot, Gujarat, India. Mob: +918140099018. Email: bhargavigoswami@gmail.com Topic List 1. IP Security
More informationAIT 682: Network and Systems Security
AIT 682: Network and Systems Security Final Exam Review Instructor: Dr. Kun Sun Topics covered by Final Topic before Midterm 10% Topic after Midterm 90% Date: 12/13/2017 7:30am 10:15am Place: the same
More informationIPsec (AH, ESP), IKE. Guevara Noubir CSG254: Network Security
IPsec (AH, ESP), IKE Guevara Noubir noubir@ccs.neu.edu Securing Networks Control/Management (configuration) Applications Layer telnet/ftp: ssh, http: https, mail: PGP (SSL/TLS) Transport Layer (TCP) (IPSec,
More information8. Network Layer Contents
Contents 1 / 43 * Earlier Work * IETF IP sec Working Group * IP Security Protocol * Security Associations * Authentication Header * Encapsulation Security Payload * Internet Key Management Protocol * Modular
More informationIP Security Part 1 04/02/06. Hofstra University Network Security Course, CSC290A
Network Security IP Security Part 1 1 IP Security Overview 1994 RFC1636, Security in the Internet Architecture Identified key needs: Secure network infrastructure from unauthorized monitoring Control network
More informationINF3510 Information Security University of Oslo Spring Lecture 9 Communication Security. Audun Jøsang
INF3510 Information Security University of Oslo Spring 2011 Lecture 9 Communication Security Audun Jøsang Outline Network security concepts Communication security Perimeter security Protocol architecture
More informationChapter 11 The IPSec Security Architecture for the Internet Protocol
Chapter 11 The IPSec Security Architecture for the Internet Protocol IPSec Architecture Security Associations AH / ESP IKE [NetSec], WS 2008/2009 11.1 The TCP/IP Protocol Suite Application Protocol Internet
More informationProtocol Architecture (2) Suguru Yamaguchi Nara Institute of Science and Technology Department of Information Science
Protocol Architecture (2) Suguru Yamaguchi Nara Institute of Science and Technology Department of Information Science History of computer network protocol development in 20 th century. Development of hierarchical
More informationInt ernet w orking. Internet Security. Literature: Forouzan: TCP/IP Protocol Suite : Ch 28
Int ernet w orking Internet Security Literature: Forouzan: TCP/IP Protocol Suite : Ch 28 Internet Security Internet security is difficult Internet protocols were not originally designed for security The
More informationINFS 766 Internet Security Protocols. Lectures 7 and 8 IPSEC. Prof. Ravi Sandhu IPSEC ROADMAP
INFS 766 Internet Security Protocols Lectures 7 and 8 IPSEC Prof. Ravi Sandhu IPSEC ROADMAP Security Association IP AH (Authentication Header) Protocol IP ESP (Encapsulating Security Protocol) Authentication
More informationThe IPSec Security Architecture for the Internet Protocol
Chapter 11 The IPSec Security Architecture for the Internet Protocol [NetSec], WS 2005/2006 11.1 Overview Brief introduction to the Internet Protocol (IP) suite Security problems of IP and objectives of
More informationJunos Security. Chapter 8: IPsec VPNs Juniper Networks, Inc. All rights reserved. Worldwide Education Services
Junos Security Chapter 8: IPsec VPNs 2012 Juniper Networks, Inc. All rights reserved. www.juniper.net Worldwide Education Services Chapter Objectives After successfully completing this chapter, you will
More informationChapter 8 Network Security
Chapter 8 Network Security A note on the use of these ppt slides: We re making these slides freely available to all (faculty, students, readers). They re in PowerPoint form so you can add, modify, and
More informationLecture 13 Page 1. Lecture 13 Page 3
IPsec Network Security: IPsec CS 239 Computer Software March 2, 2005 Until recently, the IP protocol had no standards for how to apply security Encryption and authentication layered on top Or provided
More informationSample excerpt. Virtual Private Networks. Contents
Contents Overview...................................................... 7-3.................................................... 7-5 Overview of...................................... 7-5 IPsec Headers...........................................
More informationNetwork Security IN2101
Chair for Network Architectures and Services Department of Informatics TU München Prof. Carle Network Security IN2101 Prof. Dr.-Ing. Georg Carle Dipl.-Inform. Ali Fessi Institut für Informatik Technische
More informationNetwork Security (NetSec) IN2101 WS 16/17
Chair of Network Architectures and Services Department of Informatics Technical University of Munich Network Security (NetSec) IN2101 WS 16/17 Prof. Dr.-Ing. Georg Carle Dr. Heiko Niedermayer, Cornelius
More informationOverview. SSL Cryptography Overview CHAPTER 1
CHAPTER 1 Secure Sockets Layer (SSL) is an application-level protocol that provides encryption technology for the Internet. SSL ensures the secure transmission of data between a client and a server through
More informationVirtual Private Networks (VPN)
CYBR 230 Jeff Shafer University of the Pacific Virtual Private Networks (VPN) 2 Schedule This Week Mon September 4 Labor Day No class! Wed September 6 VPN Project 1 Work Fri September 8 IPv6? Project 1
More informationInternet security and privacy
Internet security and privacy SSL/TLS 1 Application layer App. TCP/UDP IP L2 L1 2 Application layer App. SSL/TLS TCP/UDP IP L2 L1 3 History of SSL/TLS Originally, SSL Secure Socket Layer, was developed
More informationL13. Reviews. Rocky K. C. Chang, April 10, 2015
L13. Reviews Rocky K. C. Chang, April 10, 2015 1 Foci of this course Understand the 3 fundamental cryptographic functions and how they are used in network security. Understand the main elements in securing
More informationChapter 8 Web Security
Chapter 8 Web Security Web security includes three parts: security of server, security of client, and network traffic security between a browser and a server. Security of server and security of client
More informationVirtual Private Networks
EN-2000 Reference Manual Document 8 Virtual Private Networks O ne of the principal features of routers is their support of virtual private networks (VPNs). This document discusses transmission security,
More informationLecture 12 Page 1. Lecture 12 Page 3
IPsec Network Security: IPsec CS 239 Computer Software February 26, 2003 Until recently, the IP protocol had no standards for how to apply security Encryption and authentication layered on top Or provided
More informationCSE543 Computer and Network Security Module: Network Security
CSE543 Computer and Network Security Module: Network Security Professor Trent Jaeger CSE543 - Introduction to Computer and Network Security 1 2 Communication Security Want to establish a secure channel
More information14. Internet Security (J. Kurose)
14. Internet Security (J. Kurose) 1 Network security Foundations: what is security? cryptography authentication message integrity key distribution and certification Security in practice: application layer:
More informationCryptography (Overview)
Cryptography (Overview) Some history Caesar cipher, rot13 substitution ciphers, etc. Enigma (Turing) Modern secret key cryptography DES, AES Public key cryptography RSA, digital signatures Cryptography
More informationIntroduction to IPsec. Charlie Kaufman
Introduction to IPsec Charlie Kaufman charliek@microsoft.com 1 IP Security (IPsec) IETF standard for Network Layer security Popular for creating trusted link (VPN), either firewall-firewall, or machine
More informationIntroduction and Overview. Why CSCI 454/554?
Introduction and Overview CSCI 454/554 Why CSCI 454/554? Get Credits and Graduate Security is important More job opportunities More research funds 1 Workload Five homework assignments Two exams (open book
More informationDistributed Systems. 27. Firewalls and Virtual Private Networks Paul Krzyzanowski. Rutgers University. Fall 2013
Distributed Systems 27. Firewalls and Virtual Private Networks Paul Krzyzanowski Rutgers University Fall 2013 November 25, 2013 2013 Paul Krzyzanowski 1 Network Security Goals Confidentiality: sensitive
More informationVPN Overview. VPN Types
VPN Types A virtual private network (VPN) connection establishes a secure tunnel between endpoints over a public network such as the Internet. This chapter applies to Site-to-site VPNs on Firepower Threat
More informationVirtual Tunnel Interface
This chapter describes how to configure a VTI tunnel. About s, on page 1 Guidelines for s, on page 1 Create a VTI Tunnel, on page 2 About s The ASA supports a logical interface called (VTI). As an alternative
More informationConfiguration of an IPSec VPN Server on RV130 and RV130W
Configuration of an IPSec VPN Server on RV130 and RV130W Objective IPSec VPN (Virtual Private Network) enables you to securely obtain remote access to corporate resources by establishing an encrypted tunnel
More informationINTERNET PROTOCOL SECURITY (IPSEC) GUIDE.
INTERNET PROTOCOL SECURITY (IPSEC) GUIDE www.insidesecure.com INTRODUCING IPSEC NETWORK LAYER PACKET SECURITY With the explosive growth of the Internet, more and more enterprises are looking towards building
More informationSecure channel, VPN and IPsec. stole some slides from Merike Kaeo
Secure channel, VPN and IPsec stole some slides from Merike Kaeo 1 HTTP and Secure Channel HTTP HTTP TLS TCP TCP IP IP 2 SSL and TLS SSL/TLS SSL v3.0 specified
More informationOn the Internet, nobody knows you re a dog.
On the Internet, nobody knows you re a dog. THREATS TO DISTRIBUTED APPLICATIONS 1 Jane Q. Public Big Bank client s How do I know I am connecting to my bank? server s Maybe an attacker...... sends you phishing
More informationSecure Socket Layer. Security Threat Classifications
Secure Socket Layer 1 Security Threat Classifications One way to classify Web security threats in terms of the type of the threat: Passive threats Active threats Another way to classify Web security threats
More informationFirewalls, Tunnels, and Network Intrusion Detection
Firewalls, Tunnels, and Network Intrusion Detection 1 Firewalls A firewall is an integrated collection of security measures designed to prevent unauthorized electronic access to a networked computer system.
More informationSSL/TLS. How to send your credit card number securely over the internet
SSL/TLS How to send your credit card number securely over the internet The security provided by SSL SSL is implemented at level 4 The transport control layer In practice, SSL uses TCP sockets The underlying
More informationThe EN-4000 in Virtual Private Networks
EN-4000 Reference Manual Document 8 The EN-4000 in Virtual Private Networks O ne of the principal features of routers is their support of virtual private networks (VPNs). This document discusses transmission
More informationLecture 10: Communications Security
INF3510 Information Security Lecture 10: Communications Security Nils Gruschka University of Oslo Spring 2018 Introduction Nils Gruschka University Kiel (Diploma in Computer Science) T-Systems, Hamburg
More informationConfiguring L2TP over IPsec
CHAPTER 62 This chapter describes how to configure L2TP over IPsec on the ASA. This chapter includes the following topics: Information About L2TP over IPsec, page 62-1 Licensing Requirements for L2TP over
More informationNetwork Security and Cryptography. December Sample Exam Marking Scheme
Network Security and Cryptography December 2015 Sample Exam Marking Scheme This marking scheme has been prepared as a guide only to markers. This is not a set of model answers, or the exclusive answers
More informationInformation Security & Privacy
IS 2150 / TEL 2810 Information Security & Privacy James Joshi Associate Professor, SIS Lecture 2 Sept 4, 2013 Key Management Network Security 1 Objectives Understand/explain the issues related to, and
More informationIP Security Discussion Raise with IPv6. Security Architecture for IP (IPsec) Which Layer for Security? Agenda. L97 - IPsec.
IP Security Discussion Raise with IPv6 Security Architecture for IP (IPsec) Security Association (SA), AH-Protocol, -Protocol Operation-Modes, Internet Key Exchange Protocol (IKE) End-to-end security will
More informationCryptography and Network Security
Cryptography and Network Security Third Edition by William Stallings Lecture slides by Lawrie Brown Chapter 15 Electronic Mail Security Despite the refusal of VADM Poindexter and LtCol North to appear,
More informationVPN, IPsec and TLS. stole slides from Merike Kaeo apricot2017 1
VPN, IPsec and TLS stole slides from Merike Kaeo apricot2017 1 Virtual Private Network Overlay Network a VPN is built on top of a public network (Internet)
More informationIntroduction. INF3510 Information Security. Lecture 10: Communications Security. Outline. Network Security Concepts. University of Oslo Spring 2018
Introduction INF3510 Information Security Lecture 10: Communications Security Nils Gruschka University of Oslo Spring 2018 Nils Gruschka University Kiel (Diploma in Computer Science) T-Systems, Hamburg
More informationProf. Shervin Shirmohammadi SITE, University of Ottawa. Security Architecture. Lecture 13: Prof. Shervin Shirmohammadi CEG
Lecture 13: Security Architecture Prof. Shervin Shirmohammadi SITE, University of Ottawa Prof. Shervin Shirmohammadi CEG 4185 13-1 Network Assets and Security Threats Assets: Hardware (PC, workstation,
More informationConfiguring Security for VPNs with IPsec
This module describes how to configure basic IPsec VPNs. IPsec is a framework of open standards developed by the IETF. It provides security for the transmission of sensitive information over unprotected
More informationNetwork Security. Thierry Sans
Network Security Thierry Sans HTTP SMTP DNS BGP The Protocol Stack Application TCP UDP Transport IPv4 IPv6 ICMP Network ARP Link Ethernet WiFi The attacker is capable of confidentiality integrity availability
More informationSecuring IoT applications with Mbed TLS Hannes Tschofenig Arm Limited
Securing IoT applications with Mbed TLS Hannes Tschofenig Agenda Theory Threats Security services Hands-on with Arm Keil MDK Pre-shared secret-based authentication (covered in webinar #1) TLS Protocol
More informationSet Up a Remote Access Tunnel (Client to Gateway) for VPN Clients on RV016, RV042, RV042G and RV082 VPN Routers
Set Up a Remote Access Tunnel (Client to Gateway) for VPN Clients on RV016, RV042, RV042G and RV082 VPN Routers Objective A Virtual Private Network (VPN) is a private network that is used to virtually
More information